The ripple effects of MailChimp’s data breach are slowly starting to show.
Users of the popular US fantasy sports and online sportsbook platform, FanDuel, were caught in the data breach storm, following the Jan. 12 incident.
According to a notice sent to affected customers, the threat actors behind the MailChimp attack also acquired the names and email addresses of FanDuel customers.
“Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients,” the message reads. “On Sunday evening, the vendor confirmed that FanDuel customer names and email addresses were acquired by an unauthorized actor.”
Although no passwords or financial information was compromised, FanDuel urges its customers to “remain vigilant” for phishing and account takeover attacks.
People who received this notification should reset their account password and enable multi-factor authentication, an option available when setting up any FanDuel account. Since phishing emails are likely following such incidents, users should pay close attention to any unsolicited correspondence that urges them to act on security notices. FanDuel customers should also closely review credentials for any other online platforms that used the same login email address and password to avoid further abuse across websites, account takeover attempts and password cracking.
If you have trouble generating and memorizing unique passwords and staying on top of data breaches, grab a password manager and opt for a digital identity protection solution that continuously monitors for leaks and weak points in your digital footprint, allowing you to take immediate action to protect your identity and money.